-- enable RLS and set policies for fcm_tokens

ALTER TABLE public.fcm_tokens ENABLE ROW LEVEL SECURITY;

-- allow users to insert their own tokens
CREATE POLICY "Allow users insert their tokens" ON public.fcm_tokens
  FOR INSERT WITH CHECK (auth.uid() = user_id);

-- allow users to delete their own tokens (e.g. sign out)
CREATE POLICY "Allow users delete their tokens" ON public.fcm_tokens
  FOR DELETE USING (auth.uid() = user_id);

-- allow users to select their own tokens (if needed for debugging)
CREATE POLICY "Allow users select their tokens" ON public.fcm_tokens
  FOR SELECT USING (auth.uid() = user_id);

-- optionally allow update of token value for same user
CREATE POLICY "Allow users update their tokens" ON public.fcm_tokens
  FOR UPDATE USING (auth.uid() = user_id)
  WITH CHECK (auth.uid() = user_id);